Search results
34 results
Sort by:
20230921
20230921
An open redirection on the login form and possibly other places
An open redirection when calling a specific url.
By accessing a specific URL, you could get redirected to the site of an attacker
Blind SSRF via feedparser accessing an internal URL
Denial of Service in plone.rest
Denial of Service when ++api++ is used many times.
Historical list of hotfixes for each Plone version
Plone Hotfix list
Hotfixes
Plone Hotfix list
Information disclosures: mostly installation logs
Open redirection on login form
An open redirection and reflected Cross Site Scripting attack (XSS) on the login form and possibly other places where redirects are done.
Password strength checks were not always checked.
Plone 5.2.2 released
A bugfix release with many fixes and package version upgrades
Plone 5.2.3, Plone 5.1.7 and Plone 4.3.20 released!
Final releases to 4.3 and 5.1 series, along with the latest 5.2.3.
Plone 5.2.4 Released!
Check out the latest release to Plone 5.2 series, which includes new features to plone.restapi along with security fixes and other improvements.
Plone 5.2.5 Released!
Check out the latest release to Plone 5.2 series, which includes security fixes, Zope updates and other improvements
Privilege escalation for overwriting content
Privilege escalation when plone.restapi is installed
Reflected XSS and Open Redirect in image_view_fullscreen
Reflected XSS in various spots
Release Schedule and Release Policy
Timeline of maintenance and support for Plone releases. Last major policy update: 2024-01-15.
Release schedule link
The Plone Release pages try to point to /download/release-schedule, but it comes out as /release-schedule, so I created a link.